Context analysis at an information handling system to manage authentication cycles

US 9,235,729 B2
Filed: 11/08/2013
Issued: 01/12/2016
Est. Priority Date: 11/08/2013
Status: Active Grant

First Claim

Patent Images

1. An information handling system comprising:

a housing;

a processor disposed in the housing and operable to process information;

memory disposed in the housing and interfaced with the processor, the memory operable to store the information;

a chipset disposed in the housing and interfaced with the processor and memory, the chipset having firmware to coordinate interactions between the processor and sensors;

plural sensors disposed in the housing and interfaced with the chipset, the plural sensors operable to sense plural conditions external to the housing;

plural sets of confidential information, each set of confidential information protected by at least one authentication protocol; and

a security processor interfaced with the chipset and the processor, the security processor selectively monitoring the plural conditions to selectively lock selected of the sets of confidential information currently authorized for access by the at least one authentication protocol, the security processor locking a first set of confidential information based upon a first time out period if monitoring by a first of the plural sensors and locking the first set of confidential information based upon a second time out period if monitoring by a second of the plural sensors; and

a security timer associated with the security processor, the security processor selectively locking selected sets of confidential information at predetermined time outs of the security timer, the predetermined time out period depending upon the type of sensor and condition currently monitored by the security processor;

wherein the security processor applies a first time out period to lock a first set of confidential information when monitoring by a camera and a second time out period to lock the first set of confidential information when monitoring by an accelerometer.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.

Citations

12 Claims

1. An information handling system comprising:
- a housing;
  
  a processor disposed in the housing and operable to process information;
  
  memory disposed in the housing and interfaced with the processor, the memory operable to store the information;
  
  a chipset disposed in the housing and interfaced with the processor and memory, the chipset having firmware to coordinate interactions between the processor and sensors;
  
  plural sensors disposed in the housing and interfaced with the chipset, the plural sensors operable to sense plural conditions external to the housing;
  
  plural sets of confidential information, each set of confidential information protected by at least one authentication protocol; and
  
  a security processor interfaced with the chipset and the processor, the security processor selectively monitoring the plural conditions to selectively lock selected of the sets of confidential information currently authorized for access by the at least one authentication protocol, the security processor locking a first set of confidential information based upon a first time out period if monitoring by a first of the plural sensors and locking the first set of confidential information based upon a second time out period if monitoring by a second of the plural sensors; and
  
  a security timer associated with the security processor, the security processor selectively locking selected sets of confidential information at predetermined time outs of the security timer, the predetermined time out period depending upon the type of sensor and condition currently monitored by the security processor;
  
  wherein the security processor applies a first time out period to lock a first set of confidential information when monitoring by a camera and a second time out period to lock the first set of confidential information when monitoring by an accelerometer.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The information handling system of claim 1 wherein the plural sensors include at least one or more touch Input/Output (I/O) devices, one or more visual image devices, and one or more wireless devices, the security processor monitoring only the one or more touch I/O devices unless no predetermined conditions are sensed, and then monitoring only the one or more visual image devices unless no predetermined conditions are sensed, and then monitoring only the one or more wireless devices unless no predetermined conditions are sensed.
  - 3. The information handling system of claim 1 wherein the first set of confidential information comprises financial records and the second time out period comprises zero time.
  - 4. The information handling system of claim 3 wherein a second set of confidential information comprises multimedia entertainment information and the second time out period comprises the play time remaining to complete presentation of the multimedia entertainment information.
  - 5. The information handling system of claim 1 further comprising a secure hash stored in association with the chipset and with the security processor, the chipset applying the secure hash to communicate sensor information to the security processor.
  - 6. The information handling system of claim 1 wherein the plural sets of confidential information comprise at least financial information accessible through a network and protected by a first password and financial information stored locally and protected by a second password.

7. A method for securing an information handling system, the method comprising:
- securing access to plural sets of confidential information through the information handling system with plural authentication protocols;
  
  authorizing access to the plural sets of confidential information with the plural protocols;
  
  monitoring conditions proximate the information handling system with selected of plural sensors disposed in the information handling system; and
  
  selectively removing authorization to access to selected of the sets of confidential information based upon the monitored conditions;
  
  wherein the monitored conditions that remove authorization depend at least in part on the number and types of the plural sensors selected to perform the monitoring conditions; and
  
  wherein monitoring conditions further comprises;
  
  monitoring only with touch sensors until touch sensor fail to detect touch for a predetermined time;
  
  monitoring only with optical sensors in response to failing to detect touch for the predetermined time until optical sensors fail to detect end user presence for a predetermined time; and
  
  monitoring only with RF sensors in response to failing to detect end user presence for the predetermined time.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7 wherein the sensors comprise a proximity sensor operable to detect an end user touch and a light sensor operable to detect light and wherein selectively removing authorization further comprises removing authorization after a first time period for a first set of confidential information in response to a lack of sensed end user proximity and removing authorization after a second time period for a second set of confidential information in response to a lack of sensed end user touch, the first and second time periods of different lengths.
  - 9. The method of claim 8 wherein the first set of confidential information comprises information accessed with a network and the second set of confidential information comprises information stored locally at the information handling system.
  - 10. The method of claim 8 wherein the first set of confidential information comprises financial information and the second set of confidential information comprises word processing documents.
  - 11. The method of claim 7 wherein monitoring conditions further comprises:
    - applying a first time out period to remove authorization when monitoring with the touch sensors;
      
      applying a second time out period to remove authorization when monitoring with the optical sensor; and
      
      applying a third time out period to remove authorization when monitoring with the RF sensors.

12. A method for securing an information handling system, the method comprising:
- securing access to plural sets of confidential information through the information handling system with plural authentication protocols;
  
  authorizing access to the plural sets of confidential information with the plural protocols;
  
  monitoring conditions proximate the information handling system with selected of plural sensors disposed in the information handling system; and
  
  selectively removing authorization to access to selected of the sets of confidential information based upon the monitored conditions;
  
  wherein the monitored conditions that remove authorization depend at least in part on the number and types of the plural sensors selected to perform the monitoring conditions;
  
  wherein monitoring conditions further comprises;
  
  monitoring only with touch sensors until touch sensor fail to detect touch for a predetermined time;
  
  monitoring only with the touch sensors and with optical sensors in response to failing to detect touch for the predetermined time until optical sensors fail to detect end user presence for a predetermined time; and
  
  monitoring with touch sensors, optical sensors and RF sensors in response to failing to detect end user presence for the predetermined time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Dell Products LP (Dell Technologies Inc.)
Inventors
Robison, Charles D., Quinn, Liam B., Ancona, Rocco, Pacheco, Roman Joel
Primary Examiner(s)
PEARSON, DAVID J

Application Number

US14/075,135
Publication Number

US 20150135021A1
Time in Patent Office

795 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 11/0757   by exceeding a time limit, ...

G06F 21/6263   during internet communicati...

G06F 21/81   by operating on the power s...

G06F 21/86   Secure or tamper-resistant ...

H04L 63/083   using passwords cryptograph...

H04W 12/065   Continuous authentication

H04W 12/068   using credential vaults, e....

Context analysis at an information handling system to manage authentication cycles

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Context analysis at an information handling system to manage authentication cycles

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links